Privacy & COPPA posture
Plain English. Last updated June 2026.
Who this is for
FamSpots is operated by parents and guardians who are 18 or older. Kids do not have their own accounts, cannot log in, cannot post anything, and cannot chat with anyone. By creating an account you confirm you're the parent or legal guardian of any child whose profile you add. See our Terms of Service.
Alias-first by design
We're intentionally alias-first: grown-ups pick a playful handle (Captain Mom, Trail Lead) and kids get code-name nicknames (Zippy Fox, Cosmic Otter). We never ask for real names, and the app nudges you toward an alias if what you type looks like one. The strongest privacy posture is not collecting PII in the first place — aliasing means there's nothing to leak even in the worst case. You can edit, export, or delete your profile at any time.
What we store
- The signed-in parent's email (from sign-in).
- The family profile you entered: kid nicknames (not full names), ages, dietary needs, food likes/dislikes, interests, accessibility/sensory needs, and your travel preferences.
- Places you favorited or recently picked (place id, name, address, timestamp), so the Saved tab works across devices.
- A daily counter of how many external API calls your account has made, so we can enforce a fair-use ceiling.
We do not store: kids' real names, photos, birthdates, contact info, school, exact home address, browsing behavior, or any data from third-party trackers. There are no ad SDKs and no analytics that identify you personally.
What happens with your location and queries
When you ask "What now?" we send your latitude/longitude and chosen intent to Google's Places API to find candidate places, and (optionally) a short prompt to an AI provider to write a one-line rationale. The AI prompt only contains the place name and the matching factors — never your kids' nicknames, ages, or identifying details verbatim. These requests are not retained on our servers beyond the response.
COPPA posture
COPPA applies to online services directed to children under 13. FamSpots is directed to parents, not children. We do not collect personal information from children directly. The family profile is supplied by the parent and stays scoped to that parent's account, protected by row-level security in the database.
Your rights and controls
- Edit: update your family profile any time in Settings.
- Export (GDPR Art. 20): download a JSON copy of everything we store about you — profile, favorites, recent picks, and usage counters — from Settings → "Download my data".
- Delete (GDPR Art. 17 / CCPA): permanently delete your account and all associated rows from Settings → "Delete my account". This cascade removes your family profile, favorites, recent picks, usage counters, and your sign-in. It cannot be undone.
Retention
Profile, favorites, and recent picks are retained until you delete them or close your account. Daily usage counters are retained for up to 90 days for abuse prevention. Server logs (no PII, no kid data) are kept up to 30 days.
Vendor caveats
- Google Places, Geocoding, and Place Photos are accessed through a server-side key proxy. Google's own terms (data retention, analytics) apply at their end and are outside our control.
- AI rationale generation is provided through the Lovable AI Gateway; we send only place names and matched factor strings, no kid identifiers.
- Auth, database, and storage are provided by Lovable Cloud. Sign-in tokens are kept in your browser's local storage to keep you signed in.
Security
Every table that stores your data uses row-level security so only your account can read or write its rows. Passwords are checked against known-breach lists at signup, and email verification is required before sign-in.
Changes & contact
If we materially change this policy, we'll surface a notice in the app before the change takes effect. Questions or data requests? Email privacy@famspots.com.